maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

refactor domainValidate() function; allow underscore in CNAME and SRV entries

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-14 11:51:19 +01:00
parent e3a78f0f84
commit 1e816de8cf
3 changed files with 50 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/classes/api/commands/class.DomainZones.php
View File

@@ -162,7 +162,7 @@ class DomainZones extends ApiCommand implements ResourceEntity
// add domain name // add domain name
$content .= '.' . $domain; $content .= '.' . $domain;
} }
if (! validateDomain($content)) { if (! validateDomain($content, true)) {
$errors[] = $this->lng['error']['dns_cname_invaliddom']; $errors[] = $this->lng['error']['dns_cname_invaliddom'];
} else { } else {
// check whether there are RR-records for the same resource // check whether there are RR-records for the same resource
@@ -208,7 +208,7 @@ class DomainZones extends ApiCommand implements ResourceEntity
$target = substr($target, 0, - 1); $target = substr($target, 0, - 1);
} }
} }
if ($target != '.' && ! validateDomain($target)) { if ($target != '.' && ! validateDomain($target, true)) {
$errors[] = $this->lng['error']['dns_srv_needdom']; $errors[] = $this->lng['error']['dns_srv_needdom'];
} else { } else {
// check whether there is a CNAME-record for the same resource // check whether there is a CNAME-record for the same resource

36
lib/functions/validate/function.validateDomain.php
View File

@@ -2,7 +2,6 @@
/** /**
* This file is part of the Froxlor project. * This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors). * Copyright (c) 2010 the Froxlor Team (see authors).
* *
* For the full copyright and license information, please view the COPYING * For the full copyright and license information, please view the COPYING
@@ -10,7 +9,6 @@
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
* *
* @copyright (c) the authors * @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-) * @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions * @package Functions
@@ -18,24 +16,30 @@
*/ */
/** /**
* Check if the submitted string is a valid domainname, i.e. * Check if the submitted string is a valid domainname
* it consists only of the following characters ([a-z0-9][a-z0-9\-]+\.)+[a-z]{2,4}
* *
* @param string The domainname which should be checked. * @param string $domainname
* The domainname which should be checked.
* @param bool $allow_underscore
* optional if true, allowes the underscore character in a domain label (DKIM etc.)
* *
* @return string|boolean the domain-name if the domain is valid, false otherwise * @return string|boolean the domain-name if the domain is valid, false otherwise
*/ */
function validateDomain($domainname) { function validateDomain($domainname, $allow_underscore = false)
{
// we add http:// because this makes a domain valid for the filter; if (is_string($domainname)) {
$domainname_tmp = 'http://' . $domainname; $char_validation = '([a-z\d](-*[a-z\d])*)(\.?([a-z\d](-*[a-z\d])*))*\.([a-z\d])+';
if ($allow_underscore) {
// we just always use our regex $char_validation = '([a-z\d\_](-*[a-z\d\_])*)(\.([a-z\d\_](-*[a-z\d])*))*(\.?([a-z\d](-*[a-z\d])*))+\.([a-z\d])+';
$pattern = '/^http:\/\/([a-z0-9]([a-z0-9\-]{0,61}[a-z0-9])?\.)+[a-z0-9\-]{2,63}$/i';
if (preg_match($pattern, $domainname_tmp)) {
return $domainname;
} }
if (preg_match("/^" . $char_validation . "$/i", $domainname) && // valid chars check
preg_match("/^.{1,253}$/", $domainname) && // overall length check
preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domainname)) // length of each label
{
return $domainname;
}
}
return false; return false;
} }
@@ -46,8 +50,8 @@ function validateDomain($domainname) {
* *
* @return string|boolean hostname on success, else false * @return string|boolean hostname on success, else false
*/ */
function validateLocalHostname($hostname) { function validateLocalHostname($hostname)
{
$pattern = '/^([a-zA-Z0-9\-])+$/i'; $pattern = '/^([a-zA-Z0-9\-])+$/i';
if (preg_match($pattern, $hostname)) { if (preg_match($pattern, $hostname)) {
return $hostname; return $hostname;

27
tests/DomainZones/DomainZonesTest.php
View File

@@ -330,6 +330,33 @@ class DomainZonesTest extends TestCase
DomainZones::getLocal($admin_userdata, $data)->add(); DomainZones::getLocal($admin_userdata, $data)->add();
} }
/**
* @depends testAdminDomainZonesAddCname
*/
public function testAdminDomainZonesAddCnameUnderscore()
{
global $admin_userdata;
$data = [
'domainname' => 'test2.local',
'record' => 'dkimtest',
'type' => 'CNAME',
'content' => 'test._domainkey.myhost.tld.'
];
$json_result = DomainZones::getLocal($admin_userdata, $data)->add();
$result = json_decode($json_result, true)['data'];
$this->assertTrue(count($result) > 1);
$found = false;
foreach ($result as $entry) {
if (substr($entry, strlen('test._domainkey.myhost.tld.') * -1) == 'test._domainkey.myhost.tld.') {
$found = true;
break;
}
}
$this->assertTrue($found);
$this->assertEquals('dkimtest 18000 IN CNAME test._domainkey.myhost.tld.', $entry);
}
public function testAdminDomainZonesAddNS() public function testAdminDomainZonesAddNS()
{ {
global $admin_userdata; global $admin_userdata;